Privacy Policy


I. General

Data Controller

Responsible for data processing is:

MindTrajour UG (haftungsbeschränkt)
Larissa Lange
Straße der Jugend 18
14974 Ludwigsfelde

Email: info@mindtrajour.com

The protection of your privacy is very important to us. Therefore, please read this privacy policy carefully.

Hosting

This website is externally hosted. The personal data collected on this website is stored on the servers of the service provider listed below. This includes, among other things, IP addresses, contact requests, meta and communication data, contract data, contact details, names, and website access. The use of the hosting service is for the purpose of fulfilling the contract with our customers (Art. 6(1)(b) GDPR) and in the interest of providing a secure and fast online presence through a professional provider (Art. 6(1)(f) GDPR). The hosting provider will process your data only to the extent necessary to fulfill its contractual obligations. We have concluded a data processing agreement with the hosting provider. The following hosting services are used:

  • Vercel Our website uses the data hosting service "Vercel" provided by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, privacy@vercel.com.

For more information on how "Vercel" handles user data, please refer to their privacy policy.

  • Supabase Our website uses the data hosting service "Supabase" provided by Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992. For more information on how "Supabase" handles user data, please refer to their privacy policy.

II. Data Processing

Server Log Data

The provider of the pages automatically collects and stores information in server log files that your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address These data are not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website, for which the server log files must be collected.

Cookies

Google Analytics We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

For more information on how Google Analytics handles user data, please refer to their privacy policy.

Session Cookies by Supabase Our website uses session cookies from "Supabase" provided by Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992.

For more information on how "Supabase" handles user data, please refer to their privacy policy.

Google OAuth

We use the Google OAuth service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for the analysis of our website. For more information on how Google Analytics handles user data, please refer to their privacy policy.

Requests by email or phone

When you contact us by email or phone, your inquiry, including the resulting personal data (name, inquiry, email address, telephone number), will be stored and processed by us for the purpose of processing your request. We will not disclose this data without your consent. The processing of this data is based on Art. 6(1)(b) of the GDPR, provided that your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries directed to us (Art. 6(1)(f) of the GDPR) or on your consent (Art. 6(1)(a) of the GDPR), if requested. The data you submit to us will remain with us until you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies, such as when we have processed your inquiry. Legal retention periods remain unaffected.

Contact form

There is a contact form available on our website. If you send us an inquiry through that form, your input (name, email, inquiry) will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not disclose this data without your consent. The processing of this data is based on Art. 6(1)(b) of the GDPR, provided that your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in promptly processing the inquiries (Art. 6(1)(f) of the GDPR). The data you provide in the contact form will remain with us until you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after completing the processing of your inquiry). Mandatory legal provisions (retention periods) remain unaffected. Content of other websites On our website, you will find content from third parties, including their websites and, for example, integrated Google services, etc. When redirecting to third-party content, your IP address will be used. Without the use of the IP address, the content cannot be sent to the browsers of the respective users.

Newsletter

If you have expressly consented in accordance with Art. 6 of the GDPR, we will use the email address provided by you on this website exclusively for sending the newsletter. Your data will be sent to the following newsletter provider for the purpose of sending: CleverReach GmbH & Co. KG //CRASH Building, Schafjückenweg 2 26180 Rastede Germany You can unsubscribe at any time using a link at the end of each newsletter. However, you can also send your request to unsubscribe by email to info@mindtrajour.com.

III. Storage period

Unless a more specific storage period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., commercial retention periods); in the latter case, deletion will occur once the reasons for storage no longer apply.

IV. Rights of Data Subjects As a data subject, you have the following rights:

  • According to Art. 15 of the GDPR, the right to obtain information about the personal data we process concerning you to the extent specified therein.
  • According to Art. 16 of the GDPR, the right to request the rectification or completion of your personal data stored by us without undue delay.
  • According to Art. 17 of the GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary for
    • the exercise of the right to freedom of expression and information,
    • compliance with a legal obligation,
    • reasons of public interest, or
    • the establishment, exercise, or defense of legal claims.
  • According to Art. 18 of the GDPR, the right to request the restriction of the processing of your personal data if
    • the accuracy of the data is contested by you,
    • the processing is unlawful, but you oppose its erasure,
    • we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or
    • you have objected to the processing pursuant to Art. 21 of the GDPR.
  • According to Art. 20 of the GDPR, the right to receive your personal data in a structured, commonly used, and machine-readable format or to request the transmission of the data to another controller.
  • According to Art. 77 of the GDPR, the right to lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority at your place of residence or habitual residence for this purpose.
  • According to Article 21 of the GDPR, the right to object in certain cases, including direct marketing. If the processing of data is based on Art. 6(1)(e) or (f) of the GDPR, you have the right to object to the processing of your personal data for reasons arising from your particular situation. The specific legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or the processing serves the establishment, exercise, or defense of legal claims (objection pursuant to Art. 21(1) of the GDPR). If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. If you have any questions about data collection and processing, please contact us directly.

V. Social Media

We have public profiles on social networks. If you are logged into your social media account and visit our social media presence, the operator of the social media platform can associate this visit with your user account. Your personal data may also be collected even if you are not logged in or do not have an account with the respective social media provider. In this case, data collection may occur, for example, through cookies stored on your device or by capturing your IP address. With the help of the data collected in this way, social media providers can create user profiles that contain your preferences and interests. This allows them to display interest-based advertising both within and outside the respective social media channel. If you have an account with the respective social network, personalized advertising can be displayed on all devices on which you are logged in.

  1. Legal basis Our social media presence aims to ensure comprehensive visibility on the Internet. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) of the General Data Protection Regulation (GDPR). The analysis processes carried out by social media networks may be based on different legal bases, as indicated by the operators of the social media networks (e.g., consent, Art. 6(1)(a) GDPR).

  2. Data Controller and Exercise of Rights When you visit one of our social media profiles, we, together with the operator, are jointly responsible for the data processing activities triggered during your visit. You can exercise your rights (such as access, rectification, erasure, restriction of processing, data portability, and lodging a complaint) with both us and the provider of the respective social media channel.

  3. Storage Duration Data directly collected by us through our social media presence will be deleted as soon as the purpose of storage ceases to exist, you request deletion, you revoke your consent to storage, or the purpose of data storage no longer applies. Stored cookies remain on your device until you delete them. Legal retention periods are unaffected. We have no control over the storage duration of your data retained by the operators of social media networks for their own purposes. For details, please refer directly to the operators of the social media networks (e.g., in their privacy policy, see below).

VI. Specific Social Networks

  1. Instagram We have a profile on "Instagram." The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. You can find further information and the applicable privacy policy of Instagram here: Privacy Policy.
  2. LinkedIn We have a profile on "LinkedIn." The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. You can find further information and the applicable privacy policy of LinkedIn here: Privacy Policy

VII. Transfer of Data to the USA

We use plugins and tools provided by vendors based in the USA. Personal data may be transferred to the servers of the respective companies. The USA is not considered a safe third country under EU data protection law; therefore, we have entered into data processing agreements with the vendors from third countries. Each data processor is obligated by a contract in accordance with Art. 28 of the GDPR. This means, in particular, that the data processor must provide sufficient guarantees to ensure that appropriate technical and organizational measures are implemented in such a way that processing is carried out in compliance with the requirements of the GDPR and the protection of your rights as a data subject is ensured. Despite the engagement of data processors, we remain the responsible entity for the processing of your personal data within the meaning of data protection laws.

VIII. Date of Privacy Policy

March 17, 2024

© 2024 MindTrajour

Privacy PolicyImprint